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Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 
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earned patent term adjustment. See 37 CFR' 1.704(b). 

Status 

1)^ Responsive to communication(s) filed on 13 October 2006 , 
2a)n This action is FINAL. 2b)|3 This action is non-final. 

3) 0 Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex pa/Ye Quay/e, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) ^ Claim(s) 1-3, 5-1 3, 19 and 25 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) 0 Claim(s) is/are allowed. 

6) S Claim(s) 1-3,5-13, 19 and 25 is/are rejected. 
?)□ Claim(s) is/are objected to. 

8) n Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) n The specification is objected to by the Examiner. 

10)S The drawing(s) filed on 06/14/2001 is/are: a)^ accepted or b)n objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 

Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 
1 !)□ The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-1 52. 
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1 .□ Certified copies of the priority documents have been received. 

2. n Certified copies of the priority documents have been received in Application No. . 
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application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 

Response to Amendment 

1. Applicant's amendment and arguments, filed on 10/13/2006, with respect to 
claims 1-3, 5-13, 19 and 25 have been fully considered but are moot in view of the new 
ground(s) of rejection. 

The finality of the rejection of last Office action is withdrawn. 
Claims 4, 14-18, 20-24 and 26 have been canceled. 

Claim Rejections - 35 USC §112 

2. The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

3. Claims 1-3, 5-13, 19 and 25 are rejected under 35 U.S.C. 112, second 
paragraph, as being indefinite for failing to particularly point out and distinctly claim the 
subject matter which applicant regards as the invention. 

Regarding to independent Claim 1.7, 19 and 25 , these claims are vague and 
indefinite because the subject mater "type" extends the scope as to render it indefinite. 

Claim Rejections - 35 USC § 103 

4. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
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the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

5. Claims 1-3, 5-13, 19 and 25 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over US patent 5, 727,146 ("Savoldi et a!.") in view of US patent 6,744,767 
("Chiu et al.") and further in view of US patent 6,944,673 B2 ("Malan et a!."). 

Regarding Claims t 5 and 7. Savoldi et al. teach a method of dynamically 
protecting network access using packet source address, comprising of 

receiving, in a system, a data unit (51 as packet) containing a source address 
indicating a source of a data unit (packet), 

matching the source address with information stored in the system (50), and 

enabling entry of the data unit (packet) to the first network if the source address 
matches the information stored in the system (52) and denying entry (with error) of the 
data unit to the first network if the source address does not match the information stored 
in the system (52) (See Fig. 7, Col. 1, line 61 - Col. 2, line 8), and 

indicating occurrence of an attack of the first network in response to 
determining that the identifier of allow/request configuration field that does not match 
the stored allow/request configuration field (See Fig. 4, Col. 3, lines 58-63). 

Savoldi et al. teach substantially all the claimed invention but did not disclose 
expressly the particular application involving limitations of 

"a storage module to store a threshold value for a communications session, the 
threshold value representing an acceptable rate of incoming data units from the external 
network to the first network" and 
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"a controller adapted to deny further entry of data units from the external network 
to the first network in the communications session in response to the controller 
detecting that the rate of incoming data units exceeds the threshold value". 

Chiu et al. teach a method and networks of voice gateways (22) for bandwidth 
management during implementation of Quality of Service using Internet Protocol 
provisioning including 

a storage module (54 memory buffer) (See Fig. 2, Col 5, lines 53-55) to store a 
threshold value (global and local thresholds) for a communications session, the 
threshold value representing an acceptable rate of incoming data units from the external 
network to the first network (maximum incoming packet rate), and 

a controller (51 ) adapted to deny further entry of data units from the external 
network to the first network in the communications session in response to the controller 
detecting that the rate of incoming data units exceeds the threshold value (See Fig. 2, 
Col. 5, lines 32-58). 

A person of ordinary skill in the art would have been motivated to employ Chiu et 
al. in Savoldi et al. in order to obtain a method of dynamically protecting network access 
using packet source address and to take advantage of a memory buffer to store a global 
and local thresholds for a communications session, representing an acceptable 
maximum incoming packet rate and a controller to deny further entry of data units from 
the external network to the first network in the communications session in response to 
the controller detecting that the rate of incoming data units exceeds the acceptable 
maximum incoming packet rate in claims 16 and 21. 
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The suggestion/motivation to do so would have been to store a global and local 
thresholds to a memory buffer for a communications session, representing an 
acceptable maximum incoming packet rate and a controller to deny further entry of data 
units from the external network to the first network in the communications session in 
response to the controller detecting that the rate of incoming data units exceeds the 
acceptable maximum incoming packet rate, as suggested by Chiu et al. in Fig. 2, Col. 5, 
lines 32-58. At the time the invention was made, therefore, it would have been obvious 
to one of ordinary skill in the art to which the invention pertains to combine Chiu et al. 
with Savoldi et al. to obtain the inventions specified in claims 16 and 21. 

Savoldi et al. and Chiu et al. teach substantially all the claimed invention but did 
not disclose expressly the particular application involving limitations of 

"profiling scheme by protocol filter and security action of generating a report that 
an attack is occurring". 

Malan et al. teach a method for networks profiling relating to common denial of 
service attack tracking technique including steps of examining multiple layers of the 
protocol stack and including the data and blocking at any layer or depth if violation 
happened (See Col. 2, lines 5-16) and generating a report that an attack is occurring 
(See Fig. 7,. Col. 10, lines 6-35). 

A person of ordinary skill in the art would have been motivated to employ Malan 
et al. in Savoldi et al. and Chiu et al. in order to obtain a method of dynamically 
protecting network access using packet source address and to take advantage of a 
common denial of service attack' tracking technique including steps of examining 
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multiple layers of the protocol stack and including the data and blocking at any layer or 
depth if violation happened and generating a report that an attack is occurring in claims 
16 and 21. 

The suggestion/motivation to do so would have been to use a common denial of 
service attack tracking technique including steps of examining multiple layers of the 
protocol stack and including the data and blocking at any layer or depth if violation 
happened and generating a report that an attack is occurring, as suggested by Malan et 
al. in Col. 2, lines 5-16 and Col. 10, lines 6-35. At the time the invention was made, 
therefore, it would have been obvious to one of ordinary skill in the art to which the 
invention pertains to combine Malan et al. with Savoldi et al. and Chiu et al. to obtain 
the inventions specified in claims 1 6 and 21 . 

Regarding Claim 8-13, 19 and 25, as discussed above, Savoldi et al. and Malan 
et al. teach substantially all the claimed invention but did not disclose expressly the 
particular application involving limitations of "in the rate of incoming data from the 
external network exceeding the threshold". 

Chiu et al. teach a method and networks of voice gateways (22) for bandwidth 
management during implementation of Quality of Service using Internet Protocol by a 
controller (51 ) adapted to deny further entry of data units from the external network to 
the first network in the communications session in response to the controller detecting 
that the rate of incoming data units exceeds the threshold value (See Fig. 2, Col. 5, 
lines 32-58). 
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A person of ordinary skill in the art would have been motivated to employ Chiu et 
al. in Savoldi et al. and Malan et al. in order to obtain a method of dynamically 
protecting network access using packet source address and to take advantage of 
measuring the predetermined bandwidth requirement in claims 12-13, 19 and 25. 

The suggestion/motivation to do so would have been to measure measuring the 
predetermined bandwidth requirement, as suggested by Chiu et al. in Col. 5, lines 32- 
58. At the time the invention was made, therefore, it would have been obvious to one of 
ordinary skill in the art to which the invention pertains to combine Chiu et al. with the 
Savoldi et al. and Malan et al. to obtain the inventions specified in claims 12-13, 19 and 
25. 

Regarding Claim 6, as discussed above, Savoldi et al. and Malan et al. teach 
substantially all the claimed invention but did not disclose expressly the particular 
application involving limitations of 

"check if the incoming data unit contains a ReaUTime Protocol or Real-Time 
Control Protocol payload, and to deny further entry of the incoming data unit if the 
incoming data unit does not contain a Real-Time Protocol or Real-Time Control Protocol 
payload". 

Chiu et al. further teach that checking for VoIP packet with User Datagram 
Protocol and Real Time Protocol (See Col. 9, lines 48-55). 

A person of ordinary skill in the art would have been motivated to employ Chiu et 
al. in Savoldi et al. and Malan et al. in order to obtain a method of dynamically 
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protecting network access using packet source address and to take advantage of 
checking for VoIP packet with User Datagram Protocol and RTP in claim 24. 

The suggestion/motivation to do so would have been to check for VoIP packet 
with User Datagram Protocol and Real Time Protocol, as suggested by Chiu et al. in 
Col. 9, lines 48-55. At the time the invention was made, therefore, it would have been 
obvious to one of ordinary skill in the art to which the invention pertains to combine Chiu 
et al. with the Savoldi et al. and Malan et al. to obtain the inventions specified in claim 
24. 

6. Claims 2-3 are rejected under 35 U.S.C. 103(a) as being unpatental?le over 
US patent 5, 727,146 ("Savoldi et al.") in view of US patent 6,944,673 B2 ("Malan et aL") 
and further in view of US patent 6,928,082 B2 ("Liu et al.") and further in view of US 
patent 6,744,767 ("Chiu et al."). 

Regarding claim 2 . as discussed above, this claim have limitation that is similar 
to those of claim 1 and Liu et al. further teach the matching the source address with one 
or more entries of a network address translation mapping table server (26) (See Col. 8, 
lines 2-13), thus those are rejected with the same rationale applied against claim 1 
above. 

Regarding claim 3. as discussed above, this claim have limitation that is similar 
to those of claim 1 and Liu et al. further teach that matching the source address 
comprises matching an Internet Protocol (IP) address (See Col. 5, lines 64-67), thus 
those are rejected with the same rationale applied against claim 1 above. 
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Conclusion 



Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Richard Chang whose telephone number is (571) 272- 
3129. The examiner can normally be reached on Monday - Friday from 8 AM to 5 PM. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ricky Ngo can be reached on (571) 272-3139. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300, 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions oh access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 



rkc 



Richard Chang 
Patent Examiner 
Art Unit 2616 




RICKY Q. NGO 
SUPERVISORY PATENT EXAMINER 



